<? 
session_start();
				
include ('conn.php');
				
$db = get_conn();
				
check_session();
		  
if ($_POST['Agregar']!=""){
	$sql = "INSERT INTO visitors (id_location,id_number,vtype,name,car_id,access_restrictions,reponse) VALUES (
	".($_POST['id_location']).",
	\"".htmlspecialchars($_POST['id_number'])."\",
	\"".($_POST['vtype'])."\",
	\"".htmlspecialchars($_POST['name'])."\",
	\"".htmlspecialchars($_POST['car_id'])."\",
	\"".htmlspecialchars($_POST['access_restrictions'])."\",
	\"".htmlspecialchars($_POST['reponse'])."\")";
			
	$result = mysql_query($sql);
			
 	if($result){
			
 		do_redirect('../welcome_user.php'); 	  
			
 	}else{
			
 		error_handling('visitors.insert  - '.$sql,mysql_error());
			
 	}				  
		 
}//Agregar
		  
if ($_POST['Actualizar']!=""){
			
	$sql = "update visitors set 
	id_number=\"".htmlspecialchars($_POST['id_number'])."\",
	vtype=\"".$_POST['vtype']."\",
	name=\"".htmlspecialchars($_POST['name'])."\",
	car_id=\"".htmlspecialchars($_POST['car_id'])."\",
	access_restrictions=\"".htmlspecialchars($_POST['access_restrictions'])."\",
	reponse=\"".htmlspecialchars($_POST['reponse'])."\"
 
	where id_visitor=".$_POST['id_visitor'];
			 
			
	$result = mysql_query($sql);
			
	if($result){
				
		do_redirect('../welcome_user.php'); 	  
					
			
	}else{
				
		error_handling('visitors.update - '.$sql,mysql_error());
			
	}				  
		 
}//update
		  
if ($_POST['Eliminar']!=""){
			
	$sql = "delete from visitors where id_visitor=".$_POST['id_visitor'];
			
	$result = mysql_query($sql);
			
	if($result){
				
		do_redirect('../welcome_user.php'); 	  
			
	}else{
				
		error_handling('visitors.delete - '.$sql,mysql_error());
			
	}				  
		 
}//delete
		  
if ($_POST['Nuevo']!=""){
				
		do_redirect('../welcome_user.php'); 	  
		  
}//nuevo

?>